- This topic is empty.
-
AuthorPosts
-
July 18, 2014 at 1:13 am #175734misterjuliParticipant
Hello, I did a php script for contact form.
I’d like a message comes to my email.
When I uploaded the whole website to a hosting, the contact form does not work.
I have changed default email to my email.
Please share me if you know what I have to do.
Please check the script below. Thanks<?php
$name = $_POST[‘name’];
$email = $_POST[’email’];
$compagny = $_POST[‘compagny’];
$message = $_POST[‘message’];//Validate first
if(empty($name)||empty($email)||empty($message))
{
echo “Name and email and message are required !”;
header(‘Location: index.html’);
}
//validate against any email injection attempts
if(IsInjected($email))
{
echo “Bad email value!”;
header(‘Location: index.html’);
}$msg = ” Name : $name \r\n”;
$msg .= ” Email: $email \r\n”;
$msg .= ” Compagny: $compagny \r\n”;
$msg .= ” Message : “.stripslashes($_POST[‘message’]).”\r\n\n”;
$msg .= “User information \r\n”;
$msg .= “User IP : “.$_SERVER[“REMOTE_ADDR”].”\r\n”;
$msg .= “Browser info : “.$_SERVER[“HTTP_USER_AGENT”].”\r\n”;
$msg .= “User come from : “.$_SERVER[“SERVER_NAME”];$recipient = “[email protected]”;// Change the recipient email adress to your adrees
$sujet = “Sender information”;
$mailheaders = “From: $email\r\nReply-To: $email\r\nReturn-Path: $email\r\n”;
$ok = mail($recipient, $sujet, $msg, $mailheaders);if(isset($ok)){
header(‘Location: index.html’);
}else if(! isset($ok)){
echo “Name and email are required !”;
header(‘Location: index.html’);
}// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array(‘(\n+)’,
‘(\r+)’,
‘(\t+)’,
‘(%0A+)’,
‘(%0D+)’,
‘(%08+)’,
‘(%09+)’
);
$inject = join(‘|’, $injections);
$inject = “/$inject/i”;
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}?>
July 18, 2014 at 7:54 am #175747__ParticipantPlease do not “dump” your code on the forums. It is very difficult to read through, and it is not reasonable to expect people to sort through it. Smaller amounts are fine, but when you need to share an entire script, it is best to use a service like pastebin or make a gist on github.
the contact form does not work.
This is useless information: it does not help anyone figure out what might be wrong. How does it “not work”? What actually happens when you try it out? error messages? blank page? submits, but doesn’t do anything afterwards? everything appears to work, but no email arrives? Please be as specific as possible, and we’ll have a better chance at helping you.
July 19, 2014 at 9:46 am #175814misterjuliParticipantHello,
I apologize about that. I’m a new man in webdesign, also this forum.
Thanks for your guides to give the best way to settle my problems.Best Regards,
JulyJuly 19, 2014 at 2:58 pm #175835__ParticipantNo problem at all.
Can you tell us more about your problem? what actually happens when you try to use the contact form?
July 20, 2014 at 2:13 am #175901misterjuliParticipantThis problem is contact form does not send the message to my email.
But sometimes it sent, I don’t understand why it can happen.
When it sent to my email, the message appears in section of spam.
That’s it.Thanks
July 20, 2014 at 4:18 pm #175945__ParticipantWell, one possibility is that the message is being flagged as spam during delivery and discarded. You’re using the submitted email address in the
From
andReply-To
headers: it’s a big “red flag” if the domain name on that email doesn’t match the domain the message was sent from.Try adding a
Sender
header, using an email address from your domain (it doesn’t have to be a “real” address; it could be a “no reply” address).Also,
$email = $_POST['email'];
…
$mailheaders = “From: $email\r\n
…This is very dangerous. This code allows a kind of attack called Header Injection. You need to validate user input — in this case, that
$_POST['email']
really is a single email address (and not a list of email addresses and/or other email headers). This is a very common way of using website contact forms as spam servers. It can cause problems for you, as well: it can get your email server blacklisted, get your hosting account flagged, cancelled, or overcharged.The simplest way to validate an email address is using the
filter_var
function:$email = filter_var( $_POST['email'], FILTER_VALIDATE_EMAIL ); if( ! $email ){ /* $_POST['email'] was *not* a valid email address. Stop processing; do not send your email message. */ }
July 21, 2014 at 7:00 am #175995misterjuliParticipantHello un-traq-ed
Yes, The filter_var is useful. I have used it and it works and send quick.
The message can notice me to distinguish which is spammer or not with a red alert in section of spam. But I’m still thinking how it can come to the section of primary of my email.Thanks for your kind.
July 21, 2014 at 7:04 am #175996misterjuliParticipantHello Soronbe!
Thanks to let me know about that.
But I am still confused for that.
Can you explain that point ?
OP…. meaning ?July 21, 2014 at 8:01 am #176014__Participantabove, the OP used
IsInjected
That function checks some (not all) forms of newlines that might be used to create new headers, but it does not check for commas at all — it will not catch a spam mailing list.
PHP’s
filter_var
function will cover all of those cases. And, being a native function, is much faster.I’m still thinking how it can come to the section of primary of my email.
Have you tried adding a
Sender
header, as I suggested above?
Your message is most likely being flagged as spam during delivery between MTAs.OP…. meaning ?
“OP” refers to the “Original Post,” or in this case, “Original Poster,” i.e., you.
July 24, 2014 at 12:37 am #176275misterjuliParticipantHello un-traq-ed,
Yes, I’ve tried to change the sender.
But it’s still same.
I think it’s well enough at least the contact form works fine.Thank you very much.
July 24, 2014 at 9:37 am #176341__ParticipantYou’re welcome.
Yes, I’ve tried to change the sender.
Just to clarify, you have tried adding a “
Sender
” header to the email (whereas “tried to change the sender” might only mean using a different email address in theFrom
header)?Just want to make sure we’re on the same page.
July 31, 2014 at 12:49 am #177073misterjuliParticipantHello un-traq-ed,
I come back.
Yes, I mean the adding.
Finally, I’d just like to thank you about it. I’m so glad having person who’s willing to share its knowledge in my case.
If it’s possible, could I know about more yourself ?Best regards,
Juli
July 31, 2014 at 9:33 am #177120__ParticipantYes, I mean the adding.
…and did it work?
August 3, 2014 at 6:40 am #177416misterjuliParticipantYes, it worked.
ThanksAugust 3, 2014 at 11:02 am #177425__ParticipantAwesome, glad to hear it!
-
AuthorPosts
- The forum ‘Back End’ is closed to new topics and replies.